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This listing of claims replaces all prior versions, and 
listings of claims in the instant application: 

Listing of Claims: 

1 . (Currently Amended) A method for enhanced privacy 
protection in identification in a data communications network, 
the method comprising: 

enrolling , by a user, for a service on said data 
communi cat ions network ; 

receiving , by said user, a randomized identifier (ID) 
in response to said enrolling; 

storing said randomized ID; and 

using said randomized ID , by said user, to obtain 
services on said data communications network. 

2 . (Currently Amended) A program storage device readable 
by a machine, embodying a program of instructions executable by 
the machine to perform a method for enhanced privacy protection 
in identification in a data communications network, the method 
comprising : 

enrolling , by a user, for a service on said data 
communi cat ions network ; 

receiving , by said user, a randomized identifier (ID) 
in response to said enrolling; 

storing said randomized ID; and 

using said randomized ID , by said user, to obtain 
services on said data communications network. 
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3. (Currently Amended) An apparatus for enhanced privacy 
protection in identification in a data communications network, 
the apparatus comprising: 

means for enrolling , by a user, for a service on said 

data communications network; 
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means for receiving , by said user, a randomized 
identifier (ID) in response to said enrolling; 
means for storing said randomized ID; and 
means for using said randomized ID , by said user, to 
obtain services on said data communications network. 



4. (Currently Amended) An apparatus for enhanced privacy 
protection in identification in a data communications network, 
the apparatus comprising: 

a smart card configured to store a randomized ID 
obtained in response to enrolling for a service , by a 
user, on said data communications network, said smart card 
further configured to release said randomized ID to obtain 
services on said data communications network. 



5. (Currently Amended) A memory for storing data for 
access by an application program being executed on a data 
processing system, comprising: 

a data structure stored in said memory, said data 
structure including : 

credential data; end 

an authority peer group ID that identifies an 
entity that provided data authentication for said 
credential, said entity comprising a one or more 
network servers in a data communications network, one 
of said one or more network servers providing data 
authentication for said credential; and 

a cryptogram provided by said entity and used to 
authenticate said credential data. 
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6. (Original) A method for obtaining a service on a data 
communications network, the method comprising: 

presenting an authority on said data communications 
network with user data and a credential request; and 
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receiving a credential in response to said credential 
request, said credential comprising: 
a randomized identifier; 
credential user data; and 

an indication of the credential user data 
verification performed by said authority in response 
to said credential request. 

7. (Currently Amended) A method for obtaining a service 
on a data communications network, the method comprising: 

presenting an authority on said data communications 
network with a logon request; 

receiving a kerberos ticket in response to said user 
authentication data, said kerberos ticket comprising a 
randomized user ID; and 

using said kerberos ticket to obtain services from 
one or more service provider on said data communications 
network. 

8. (Currently Amended) A program storage device readable 
by a machine, embodying a program of instructions executable by 
the machine to perform a method for obtaining a service on a 
data communications network, the method comprising: 

presenting an authority on said data communications 
network with a logon request; 

receiving a kerberos ticket in response to said user 
authentication data, said kerberos ticket comprising a 
randomized user ID; and 

using said kerberos ticket to obtain services from 
one or more service provider on said data communications 
network . 
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9. (Currently Amended) An apparatus for obtaining a 
service on a data communications network, the apparatus 
comprising : 

means for presenting an authority on said data 
communications network with a logon request; 

means for receiving a kerberos ticket in response to 
said user authentication data, said kerberos ticket 
comprising a randomized user ID; and 

means for using said kerberos ticket to obtain 
services from one or more service provider on said data 
communications network . 

10. (Cancelled) 

11. (Currently Amended) An apparatus for obtaining a 
service on a data communications network, the apparatus 
comprising : 

a service provider configured to accept a service 
request and enrollment results obtained from an enrollment 
authority, said service provider capable of communicating 
with said enrollment authority to verify said enrollment 
results, said service provider configured to provide said 
service based upon said enrollment results and a response 
from said enrollment authority. 
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